SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 34

changes.mady.by.user Michal Rozenau

Saved on

compared with

New Version Current

changes.mady.by.user David Svoboda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: REM cost reform

...

Risk Assessment

Rule

Severity

Likelihood

Detectable

RepairableRemediation Cost

Priority

Level

JNI01-J

highlikely

No

No

low

P27

P9

L1L2

Automated Detection

Detecting calls, such as java.lang.System.loadLibrary(), that perform tasks using the immediate caller's class loader can be detected automatically.  Determining whether the use of these calls is safe cannot be done automatically.

...

MITRE CWE

CWE-111. Direct use of unsafe JNI

Secure Coding Guidelines for Java SE, Version 5.0

Guideline 9-9. Safely invoke standard APIs that perform tasks using the immediate caller's class loader instance

Bibliography

 [Oracle 2014]



...